quorum/p2p/permissions.go

package p2p

import (
	"encoding/json"
	"io/ioutil"
	"os"
	"path/filepath"

	"github.com/ethereum/go-ethereum/log"
	"github.com/ethereum/go-ethereum/p2p/discover"
)

const (
	NODE_NAME_LENGTH    = 32
	PERMISSIONED_CONFIG = "permissioned-nodes.json"
)

// check if a given node is permissioned to connect to the change
func isNodePermissioned(nodename string, currentNode string, datadir string, direction string) bool {

	var permissionedList []string
	nodes := parsePermissionedNodes(datadir)
	for _, v := range nodes {
		permissionedList = append(permissionedList, v.ID.String())
	}

	log.Debug("isNodePermissioned", "permissionedList", permissionedList)
	for _, v := range permissionedList {
		if v == nodename {
			log.Debug("isNodePermissioned", "connection", direction, "nodename", nodename[:NODE_NAME_LENGTH], "ALLOWED-BY", currentNode[:NODE_NAME_LENGTH])
			return true
		}
		log.Debug("isNodePermissioned", "connection", direction, "nodename", nodename[:NODE_NAME_LENGTH], "DENIED-BY", currentNode[:NODE_NAME_LENGTH])
	}
	log.Debug("isNodePermissioned", "connection", direction, "nodename", nodename[:NODE_NAME_LENGTH], "DENIED-BY", currentNode[:NODE_NAME_LENGTH])
	return false
}

//this is a shameless copy from the config.go. It is a duplication of the code
//for the timebeing to allow reload of the permissioned nodes while the server is running

func parsePermissionedNodes(DataDir string) []*discover.Node {

	log.Debug("parsePermissionedNodes", "DataDir", DataDir, "file", PERMISSIONED_CONFIG)

	path := filepath.Join(DataDir, PERMISSIONED_CONFIG)
	if _, err := os.Stat(path); err != nil {
		log.Error("Read Error for permissioned-nodes.json file. This is because 'permissioned' flag is specified but no permissioned-nodes.json file is present.", "err", err)
		return nil
	}
	// Load the nodes from the config file
	blob, err := ioutil.ReadFile(path)
	if err != nil {
		log.Error("parsePermissionedNodes: Failed to access nodes", "err", err)
		return nil
	}

	nodelist := []string{}
	if err := json.Unmarshal(blob, &nodelist); err != nil {
		log.Error("parsePermissionedNodes: Failed to load nodes", "err", err)
		return nil
	}
	// Interpret the list as a discovery node array
	var nodes []*discover.Node
	for _, url := range nodelist {
		if url == "" {
			log.Error("parsePermissionedNodes: Node URL blank")
			continue
		}
		node, err := discover.ParseNode(url)
		if err != nil {
			log.Error("parsePermissionedNodes: Node URL", "url", url, "err", err)
			continue
		}
		nodes = append(nodes, node)
	}
	return nodes
}
implemented node permissioning 2016-11-17 15:50:28 -08:00			`package p2p`

			`import (`
			`"encoding/json"`
			`"io/ioutil"`
			`"os"`
			`"path/filepath"`

Geth 1.7.2 rebase and addition of Istanbul BFT (#207) 2017-10-31 15:24:11 -07:00			`"github.com/ethereum/go-ethereum/log"`
implemented node permissioning 2016-11-17 15:50:28 -08:00			`"github.com/ethereum/go-ethereum/p2p/discover"`
			`)`

			`const (`
			`NODE_NAME_LENGTH = 32`
			`PERMISSIONED_CONFIG = "permissioned-nodes.json"`
			`)`

			`// check if a given node is permissioned to connect to the change`
			`func isNodePermissioned(nodename string, currentNode string, datadir string, direction string) bool {`

p2p/permissions: Fix typos 2017-11-14 13:43:43 -08:00			`var permissionedList []string`
implemented node permissioning 2016-11-17 15:50:28 -08:00			`nodes := parsePermissionedNodes(datadir)`
			`for _, v := range nodes {`
p2p/permissions: Fix typos 2017-11-14 13:43:43 -08:00			`permissionedList = append(permissionedList, v.ID.String())`
implemented node permissioning 2016-11-17 15:50:28 -08:00			`}`

p2p/permissions: Fix typos 2017-11-14 13:43:43 -08:00			`log.Debug("isNodePermissioned", "permissionedList", permissionedList)`
			`for _, v := range permissionedList {`
implemented node permissioning 2016-11-17 15:50:28 -08:00			`if v == nodename {`
Geth 1.7.2 rebase and addition of Istanbul BFT (#207) 2017-10-31 15:24:11 -07:00			`log.Debug("isNodePermissioned", "connection", direction, "nodename", nodename[:NODE_NAME_LENGTH], "ALLOWED-BY", currentNode[:NODE_NAME_LENGTH])`
implemented node permissioning 2016-11-17 15:50:28 -08:00			`return true`
			`}`
Geth 1.7.2 rebase and addition of Istanbul BFT (#207) 2017-10-31 15:24:11 -07:00			`log.Debug("isNodePermissioned", "connection", direction, "nodename", nodename[:NODE_NAME_LENGTH], "DENIED-BY", currentNode[:NODE_NAME_LENGTH])`
implemented node permissioning 2016-11-17 15:50:28 -08:00			`}`
Geth 1.7.2 rebase and addition of Istanbul BFT (#207) 2017-10-31 15:24:11 -07:00			`log.Debug("isNodePermissioned", "connection", direction, "nodename", nodename[:NODE_NAME_LENGTH], "DENIED-BY", currentNode[:NODE_NAME_LENGTH])`
implemented node permissioning 2016-11-17 15:50:28 -08:00			`return false`
			`}`

			`//this is a shameless copy from the config.go. It is a duplication of the code`
			`//for the timebeing to allow reload of the permissioned nodes while the server is running`

			`func parsePermissionedNodes(DataDir string) []*discover.Node {`

Tweak permissioned node logging. 2017-11-14 12:57:09 -08:00			`log.Debug("parsePermissionedNodes", "DataDir", DataDir, "file", PERMISSIONED_CONFIG)`
implemented node permissioning 2016-11-17 15:50:28 -08:00
			`path := filepath.Join(DataDir, PERMISSIONED_CONFIG)`
			`if _, err := os.Stat(path); err != nil {`
Geth 1.7.2 rebase and addition of Istanbul BFT (#207) 2017-10-31 15:24:11 -07:00			`log.Error("Read Error for permissioned-nodes.json file. This is because 'permissioned' flag is specified but no permissioned-nodes.json file is present.", "err", err)`
implemented node permissioning 2016-11-17 15:50:28 -08:00			`return nil`
			`}`
			`// Load the nodes from the config file`
			`blob, err := ioutil.ReadFile(path)`
			`if err != nil {`
Geth 1.7.2 rebase and addition of Istanbul BFT (#207) 2017-10-31 15:24:11 -07:00			`log.Error("parsePermissionedNodes: Failed to access nodes", "err", err)`
implemented node permissioning 2016-11-17 15:50:28 -08:00			`return nil`
			`}`

			`nodelist := []string{}`
			`if err := json.Unmarshal(blob, &nodelist); err != nil {`
Geth 1.7.2 rebase and addition of Istanbul BFT (#207) 2017-10-31 15:24:11 -07:00			`log.Error("parsePermissionedNodes: Failed to load nodes", "err", err)`
implemented node permissioning 2016-11-17 15:50:28 -08:00			`return nil`
			`}`
			`// Interpret the list as a discovery node array`
			`var nodes []*discover.Node`
			`for _, url := range nodelist {`
			`if url == "" {`
Geth 1.7.2 rebase and addition of Istanbul BFT (#207) 2017-10-31 15:24:11 -07:00			`log.Error("parsePermissionedNodes: Node URL blank")`
implemented node permissioning 2016-11-17 15:50:28 -08:00			`continue`
			`}`
			`node, err := discover.ParseNode(url)`
			`if err != nil {`
Geth 1.7.2 rebase and addition of Istanbul BFT (#207) 2017-10-31 15:24:11 -07:00			`log.Error("parsePermissionedNodes: Node URL", "url", url, "err", err)`
implemented node permissioning 2016-11-17 15:50:28 -08:00			`continue`
			`}`
			`nodes = append(nodes, node)`
			`}`
			`return nodes`
			`}`